Please dont fix anything in Hijackthis if we do not ask you to do so.
AVZ - File - Custom scripts
Execute the following script (copy it, paste it in the script window of AVZ and execute):
Код:
begin
ClearQuarantine;
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Program Files\Permeo\e-Border Driver\s5spi.dll','');
QuarantineFile('C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll','');
QuarantineFile('C:\WINDOWS\system32\ah.scr','');
QuarantineFile('C:\WINDOWS\Installer\{44A26F69-C401-4F38-B739-37FB22686C34}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\zenos\zenos.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\ALL YOU NEED FOR REV [1].37 GG 1007\ALL YOU NEED FOR REV .37 GG 1007\xp.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys','');
QuarantineFile('C:\Craby_Launcher\Craby Launcher\spuce.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\AkumaEngine33\sejt.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\Craby_Launcher\Craby Launcher\saruen.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\Puma & Apocalypse CT\puma.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\nhcDriver.sys','');
QuarantineFile('C:\WINDOWS\system32\MzBot.sys','');
QuarantineFile('LMIRfsClientNP.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\lmimirr.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\New Compressed (zipped) Folder\New Folder (2)\Kaspersky.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\Tools_Maple-Fun\MoonLight Engine 1129.1\IlvMoney1129.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\Ultimate_Hack_Pack_7.0_Encore\Ultimate Hack Pack 7.0 Encore\AutoPlay\ICheat_47\iDriver.sys','');
QuarantineFile('C:\maplehacz0rs\Buffy Engine\Buffy Engine\nvid888.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\EagleNT.sys','');
QuarantineFile('C:\Documents and Settings\Vipul Dusa\Desktop\DaEngine\DAEngine\DAK32.sys','');
QuarantineFile('C:\Downloads\Hackpack\ce12\cheetah.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\kbdcap.SYS','');
QuarantineFile('C:\WINDOWS\System32\drivers\Rtlnicxpp.sys','');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS','');
QuarantineFile('c:\windows\system32\cfgsrvc.exe','');
BC_ImportQuarantineList;
BC_Activate;
RebootWindows(true);
end.
Your computer will reboot.
Upload the quarantined files according to the Appendix 3 of the rules. (upload here: http://virusinfo.info/upload_virus_eng.php?tid=22890 )
Fix the following line in Hijackthis
Код:
O20 - Winlogon Notify: opnlKCRh - C:\WINDOWS\
Deinstall the application viewpoint. I hope you dont need it (it may be the reason of your problem). If it is not in the list for deinstallation, then tell us about it, we can remove it with AVZ.
Make a new hijackthis.log.